ef4e7b2165
post/windows/manage/persistence_exe: Replace IO.read with File.binread
2022-03-05 13:24:55 +00:00
83b2f5a128
Land #16268 , Update check comhijack
2022-03-04 09:59:49 -05:00
ad2fab6fee
Land #16153 , read full response on smtp send/recv
2022-03-04 01:24:46 +00:00
fb658fbb13
Land #16245 , pfSense Authenticated File Write (CVE-2021-41282)
...
Merge branch 'land-16245' into upstream-master
2022-03-03 15:08:34 -06:00
3f35524c61
Rubocop fixes
2022-03-03 13:02:55 -06:00
f0878f4d1a
Improve check method and add autocheck
2022-03-03 12:52:05 -06:00
6be3443680
Land #16103 , LPE in polkit's pkexec (CVE-2021-4034)
2022-03-03 09:24:11 -05:00
0463373756
Simplify finding pkexec
2022-03-03 09:19:45 -05:00
e649fe3f69
Fix some markdown issues, update docs and add arch check for payloads
2022-03-02 16:30:52 -06:00
d60e625746
Land #16254 , shodan_search default user-agent
...
Fixes #16189 and #16223
2022-03-02 16:57:05 -05:00
06e897436c
Add Fedora results to docs and some minor final cleanup
2022-03-02 09:12:01 -06:00
58aed837b2
Update docs and options
2022-03-01 14:48:48 -06:00
bb2a2e458b
shodan_search default user-agent overwirte - fix #16189 and #16223
...
As the Shodan is checking the UserAgent to decide which content-type it
will deliver, the default user-agent is causing it to reply a html page.
This commit overwrite the default user-agent the the module shodan_search
to 'Wget' that works in on the shodan API.
2022-03-01 21:31:35 +01:00
0516badd8e
Change the way we cd after new session is created
2022-03-01 14:20:07 -06:00
5e5c207864
Update metasploit-payloads gem to 2.0.76
2022-03-01 10:01:07 -05:00
0081811c52
Land #16185 , Firefox CVE-2020-26950 use after free browser exploit
...
Merge branch 'land-16185' into upstream-master
2022-02-28 14:38:23 -06:00
0d10409d67
Land #16131 , add modern events calendar sqli
2022-02-28 12:27:45 -06:00
65e16a1a72
Initial implementation of pfSense auth file creation bug (CVE-2021-41282)
2022-02-27 18:12:54 -08:00
579811418f
update documentation with note about Firefox 82.0.1
2022-02-26 12:35:38 +00:00
ecaf8b1ba9
Land #16204 , Hikvision Unauthenticated RCE (CVE-2021-36260)
...
Merge branch 'land-16204' into upstream-master
2022-02-25 16:37:08 -06:00
b69db83398
Land #16202 , Add exploit for CVE-2022-21882 (Win32k LPE)
...
Merge branch 'land-16202' into upstream-master
2022-02-25 15:55:48 -06:00
217afa0f3b
Land #16190 , Axis Camera App RCE (No CVE)
2022-02-25 11:35:03 -06:00
1e0db45f1d
Add small note about ARMLE stager for future travelers
2022-02-25 11:34:31 -06:00
2bec5c425f
Change CheckCode to Appears
2022-02-25 08:32:06 -08:00
1facfe4a2f
Alter upload filename.
2022-02-25 02:53:52 -08:00
d055a7d811
Altered some randomization, the json extracted by check, and fixed some wording
2022-02-24 18:48:21 -08:00
48072b6554
Fix rubcop complaint introduced in suggestion commit
2022-02-24 18:28:38 -08:00
454eba2438
Apply suggestions from code review
...
Added changes suggested by @gwillcox-r7
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-02-24 21:25:09 -05:00
a500435080
Land #16182 , wordpress Secure Copy COntent Protection and Content Locking Unauthenticated SQLi (CVE-2021-24931)
2022-02-24 15:55:29 -06:00
9b53ed5f5c
Add final randomization parts before landing
2022-02-24 15:43:21 -06:00
8d080135bb
First round of review edits
2022-02-24 13:46:33 -06:00
544f8e161a
Land #16164 , Create Module For CVE-2021-42321
2022-02-24 11:36:12 -05:00
2b0002031d
Fix the minimum build number
...
This particular change looks like a mistake. Build 17134 (v1803) is the
oldest that is supported.
2022-02-24 11:24:20 -05:00
9f05a7d11a
Removed unneeded custom timeout
2022-02-24 08:13:04 -08:00
6d325933a9
Remove the default payload options
2022-02-24 10:55:38 -05:00
3739dad470
Updated to use print_bad instead of fail_with for application removal errors. Also included instructions on how to manually remove the application
2022-02-24 07:44:34 -08:00
e1616a520f
Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name
2022-02-24 06:38:36 -08:00
585b470703
Land #16093 , Fix URL refs for various modules and improve tools/modules/module_reference.rb code
2022-02-23 17:04:26 -06:00
5f672019ac
Add in RuboCop fixes before final land
2022-02-23 16:27:12 -06:00
40c3dd68a2
Land #16061 - Add support to retrieve user list from wp-json to wordpress_scanner module
2022-02-22 17:58:02 -06:00
fddd3f15c2
Fix up code so that it will not block on attempting to delete the configuration on the folder, just in case the configuration doesn't exist in the first place. Instead print a warning and continue.
2022-02-22 17:52:29 -06:00
dc301a12bd
Land #16156 , Authenticated Microweber v1.2.10 Local File Inclusion
2022-02-22 18:20:59 +00:00
95f47847e2
VHOST compatibility added
2022-02-22 14:21:33 +03:00
5e4f7a1707
Land #16200 , fix post/windows/enum_chrome on Chrome > 80
2022-02-21 11:38:47 +00:00
4cd3563bc7
Initial commit of exploit for CVE-2021-36260
2022-02-19 13:13:24 -08:00
f311bd4fce
Remove duplicate warning
2022-02-18 16:31:35 -06:00
3ea032472d
Updated exploit with better check method, added OnSessionCmd option
...
to run a command when a session is bootstrapped, added more
documentation.
2022-02-18 16:30:47 -06:00
443bf1249a
Remove all the old CVE-2021-1732 data
2022-02-18 15:25:39 -05:00
bcd7cb1122
Writeup the module metadata and docs
2022-02-18 15:23:44 -05:00
d92259f868
One exploit for CVE-2021-1732 and CVE-2022-21882
2022-02-18 15:23:38 -05:00
Brendan Coles